package org.drasyl.identity;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.util.DefaultPrettyPrinter;
import io.netty.util.internal.SystemPropertyUtil;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.security.KeyPair;
import java.util.Collections;
import java.util.Objects;
import java.util.Set;
import org.drasyl.DrasylConfig;
import org.drasyl.crypto.Crypto;
import org.drasyl.crypto.CryptoException;
import org.drasyl.util.JSONUtil;
import org.drasyl.util.PathUtil;
import org.drasyl.util.ThrowingSupplier;
import org.drasyl.util.logging.Logger;
import org.drasyl.util.logging.LoggerFactory;

/* loaded from: input_file:org/drasyl/identity/IdentityManager.class */
public class IdentityManager {
    public static final byte POW_DIFFICULTY = (byte) SystemPropertyUtil.getInt("org.drasyl.identity.pow-difficulty", 6);
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) IdentityManager.class);
    private final ThrowingSupplier<Identity, IOException> identityGenerator;
    private final DrasylConfig config;
    private Identity identity;

    public IdentityManager(DrasylConfig drasylConfig) {
        this(IdentityManager::generateIdentity, drasylConfig, null);
    }

    IdentityManager(ThrowingSupplier<Identity, IOException> throwingSupplier, DrasylConfig drasylConfig, Identity identity) {
        this.identityGenerator = throwingSupplier;
        this.config = drasylConfig;
        this.identity = identity;
    }

    public void loadOrCreateIdentity() throws IOException {
        if (this.config.getIdentityProofOfWork() == null || this.config.getIdentityPublicKey() == null || this.config.getIdentityPrivateKey() == null) {
            Path identityPath = this.config.getIdentityPath();
            if (isIdentityFilePresent(identityPath)) {
                LOG.debug("Read Identity from file '{}'", identityPath);
                this.identity = readIdentityFile(identityPath);
            } else {
                LOG.debug("No Identity present. Generate a new one and write to file '{}'.", identityPath);
                Identity identity = this.identityGenerator.get();
                writeIdentityFile(identityPath, identity);
                this.identity = identity;
            }
        } else {
            LOG.debug("Load identity specified in config");
            try {
                this.identity = Identity.of(this.config.getIdentityProofOfWork(), this.config.getIdentityPublicKey(), this.config.getIdentityPrivateKey());
            } catch (IllegalArgumentException e) {
                throw new IOException("Identity read from configuration seems invalid", e);
            }
        }
        if (!this.identity.isValid()) {
            throw new IOException("Loaded or Created Identity is invalid.");
        }
    }

    private static boolean isIdentityFilePresent(Path path) {
        return path.toFile().exists() && path.toFile().isFile();
    }

    private static Identity readIdentityFile(Path path) throws IOException {
        try {
            if (!PathUtil.hasPosixSupport(path) || Collections.disjoint(Files.getPosixFilePermissions(path, new LinkOption[0]), Set.of(PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.GROUP_WRITE, PosixFilePermission.GROUP_READ, PosixFilePermission.OTHERS_EXECUTE, PosixFilePermission.OTHERS_WRITE, PosixFilePermission.OTHERS_READ))) {
                return (Identity) JSONUtil.JACKSON_READER.readValue(path.toFile(), Identity.class);
            }
            throw new IOException("Unprotected private key: It is required that your identity file '" + path + "' is NOT accessible by others.'");
        } catch (JsonProcessingException e) {
            throw new IOException("Unable to load identity from file '" + path + "': ", e);
        }
    }

    public static Identity generateIdentity() throws IOException {
        try {
            KeyPair generateKeys = Crypto.generateKeys();
            CompressedPublicKey of = CompressedPublicKey.of(Crypto.compressedKey(generateKeys.getPublic()));
            return Identity.of(ProofOfWork.generateProofOfWork(of, POW_DIFFICULTY), of, CompressedPrivateKey.of(Crypto.compressedKey(generateKeys.getPrivate())));
        } catch (CryptoException e) {
            throw new IOException("Unable to generate new identity", e);
        }
    }

    private static void writeIdentityFile(Path path, Identity identity) throws IOException {
        File file = path.toFile();
        if (Files.isDirectory(path, new LinkOption[0]) || !(file.getParentFile() == null || file.getParentFile().exists())) {
            throw new IOException("Identity path '" + path + "' is a directory or path does not exist");
        }
        if (file.exists() && !file.canWrite()) {
            throw new IOException("Identity path '" + path + "' is not writable");
        }
        if (PathUtil.hasPosixSupport(path) && file.createNewFile()) {
            Files.setPosixFilePermissions(path, Set.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE));
        }
        JSONUtil.JACKSON_WRITER.with(new DefaultPrettyPrinter()).writeValue(file, identity);
    }

    public CompressedPublicKey getPublicKey() {
        return this.identity.getPublicKey();
    }

    public CompressedPrivateKey getPrivateKey() {
        return this.identity.getPrivateKey();
    }

    public ProofOfWork getProofOfWork() {
        return this.identity.getProofOfWork();
    }

    public Identity getIdentity() {
        return (Identity) Objects.requireNonNull(this.identity);
    }

    public static void deleteIdentityFile(Path path) throws IOException {
        if (path.toFile().exists()) {
            Files.delete(path);
        }
    }
}
